Ready to Start Your Career?


bachan 's profile image

By: bachan

March 27, 2017

Hello Cybrarians! I think all of you would be familiar with Mr. Robot, or at least know that it is a television series. Anyway, I noticed while watching Mr. Robot, that Eliot recognized an attack, name RUDY.

RUDY stands for R U Dead Yet? It is a slow and low rate, application layer exploitation tool. When an attacker uses the rudy tool, it sends a legitimate HTTP POST request with an abnormally long 'content-length' header field and then it starts injecting the form with information, one byte-sized packet at a random time and generates a few thousand requests. By sending numerous small packets, at a very slow rate, R.U.D.Y. creates a massive backlog of application threads, while the long 'Content-Length' field prevents the server from closing the connection.

Eventually, the number and length of open sessions exhaust the target’s resources, making it unavailable to legitimate traffic. It is a form of Denial of Service attack.

Here a video where you can understand more specifically what the attack is:

Schedule Demo